44 entries in 0.432s
mircea_popescu: yes, but wrong approach to it all! "here's why serpent's no good, here's why i don't like dea-
aes etc, here's rabin method, imo best" IS something.
mircea_popescu: . (Note that this is a direct encryption of plaintext material with the help of RSA and not an encryption of a key for e.g.
AES with RSA and afterwards an encryption of the plaintext with
AES). Based on this function are the functions rsaencryptplaintexttoct() and rsaencryptbytearraytoct(), which process a user-given plaintext string and byte sequence respectively." << this distinction seems rathger without a difference.
mircea_popescu: anyway, so what's the work mode here, every now and again server sends client a rsa-encrypted packet containing 16
aes keys ; client enciphers its comms to the server with one selected from a set of 8 selected from those 16 ; and deciphers server's with one selected from set of 8 other than previous set. now and again burns a key.
mircea_popescu: apparently
AES is one of those topics where someone could just pick up the log discussion over 3 years and make anencyclopedia entry
mircea_popescu: in other items of republican interest : eulora is at a stage where we have to set down what we'll use for sensitive data encryption (such as for instance the privkey files). i don't particularily wish to use
aes ; anyone wants to contribute to this emerging spec ?
☟︎ mircea_popescu: the categorical alternative (literally what gpg does now) fell on the grounds of "at least we don't need
aes" ; the obvious "cut R into bits and use each" seems to my eye weaker, tho who even knows.
mircea_popescu: trying to stuff a mac or something in there will make the bondogle regret the days of the
aes/rsa combo.
mircea_popescu: you can not promise gpg is just
aes. neither can they.
mircea_popescu: asciilifeform you mean, "if i find
aes collision, i can replace signed text with (longer) signed text" ?
mircea_popescu: that's what
aes did to try and escape "oh it's just maff", "fine we'll implement control structures".
mircea_popescu: anyway.
aes and des should be excommunicated out of everything asap, there's no two ways about it.
mircea_popescu: meanwhile notice that EVERYONE is on
aes to the degree people are treating it like windows.
mircea_popescu: ake this postining). Even the NSA trusts
AES enough to certify it for use protecting top secret information."
mircea_popescu: derp #1 : "What is wrong with existing block ciphers like
AES?
AES has been in widespread use for over a decade and to the best of my knowledge, there is still no practical attack on it (unless someone has built a working quantum computer and not told anyone about it). Its totally free of patents and IP issues. Its been implemented in a huge variety of hardware and software (including the Intel CPU that I am using to m
☟︎ mircea_popescu: blowfish has successfully resisted analysis and was thoroughly abandoned. because
aes "won a competition" ?
☟︎ mircea_popescu: in any case : i don't like
aes for purely political reasons. it became an apparent schelling point out of absolutely nowhere for no discernible reason. these situations always stink.
☟︎☟︎ mircea_popescu: "rsa. use for text. rsa/
aes. use for anything that's not text."
mircea_popescu: do they do the "rsa encryption of an
aes symmetric key" thing ?
mircea_popescu: anyway, birdy whispers in my ear guy's from group that came up with the original xls
aes attack. definitely more standing than tim swanson or w/e.
mircea_popescu: thestringpuller note that the question is leading. sure, "
aes optimised" hardware may deliver better performance, at an unknown cost to security.
mircea_popescu: Almost all
AES implementations use fast lookup tables. <<< o, what ever could be the problem with lookup tables wink wink
mircea_popescu: i guess the author doesn't realise it or something, but this lays bare a much used, fundamental, very valuable exploit of
aes.
mircea_popescu: -192 and
AES-256 revealing the final round key provides 128 bits of key entropy.)
mircea_popescu: It gets worse. Nearly every
AES implementation using AESNI will leave two values in registers: The final block of output, and the final round key. The final block of output isn't a problem for encryption operations — it is ciphertext, which we can assume has leaked anyway — but for encryption an
AES-128 key can be computed from the final round key, and for decryption the final round key is the
AES-128 key. (For
AES ☟︎ mircea_popescu: Consider the "XMM" registers on the x86 architecture: They will only be used by the SSE family of instructions, which is not widely used in most applications — so once a value is stored in one of those registers, it may remain there for a long time. One of the rare instances those registers are used by cryptographic code, however, is for
AES computations, using the "AESNI" instruction set.
mircea_popescu: ered-down encryption (to use stronger encryption in many areas, such as
AES-loop, you needed to compile your own kernel and go to great lengths to manually bypass barriers they put in place to the use of genuinely strong encryption). This told me then that those who controlled distributions were deeply in the pockets of intelligence networks. So it comes as no surprise to me that they jumped on board systemd when told
mircea_popescu: <pankkake> apparently "military grade" is
aes-256 cbc, and admin pins are good ideas << herp
mircea_popescu: >>>
AES encryption is applied to the wallet. Passphrase is specified via environment variable PICOCOIN_PASSPHRASE. << god help us.
mircea_popescu: also afaik
aes-128 is something to the tune of 10^40 ?
mircea_popescu: . Recently, our classified NSA Oak Ridge facility made a stunning breakthrough that is leading us on a path towards building the first exaflop machine (1 quintillion instructions per second) by 2018. This will give us the capability to break the
AES-128 encryption key